CISSP® Official Study Guide, Eighth Edition
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

811
Strikes/Picketing

When designing your business continuity and disaster recovery plans, don’t forget about the importance of the human factor in emergency planning. One form of man-made disaster that is often overlooked is the possibility of a strike or other labor crisis. If a large number of your employees walk out at the same time, what impact would that have on your business? How long would you be able to sustain operations without the regular full-time employees that staff a certain area? Your BCP and DRP teams should address these concerns and provide alternative plans should a labor crisis occur.
Theft/Vandalism

Earlier, we talked about the threat that terrorist activities pose to an organization. Theft and vandalism represent the same kind of threat on a much smaller scale. In most cases, however, there’s a far greater chance that your organization will be affected by theft or vandalism than by a terrorist attack. Insurance provides some financial protection against these events (subject to deductibles and limitations of coverage), but acts of this kind can cause serious damage to your business, on both a short-term and a long-term basis. Your business continuity and disaster recovery plans should include adequate preventive measures to control the frequency of these occurrences as well as contingency plans to mitigate the effects theft and vandalism have on ongoing operations.
Theft of infrastructure is becoming increasingly common as scrappers 
target copper in air-conditioning systems, plumbing, and power subsystems. 
It’s a common mistake to assume that fixed infrastructure is unlikely to be 
a theft target.
Offsite Challenges to Security

The constant threat of theft and vandalism is the bane of information security professionals worldwide. Personal identity information, proprietary or trade secrets, and other forms of confidential data are just as interesting to those who create and possess them as they are to direct competitors and other unauthorized parties. Here’s an example.

Aaron knows the threats to confidential data firsthand, working as a security officer for a very prominent and highly visible computing enterprise. His chief responsibility is to keep sensitive information from exposure to various elements and entities. Bethany is one of his more troublesome employees because she’s constantly taking her notebook computer off site without properly securing its contents.

Even a casual smash-and-grab theft attempt could put thousands of client contacts and their confidential business dealings at risk of being leaked and possibly sold to malicious parties. Aaron knows the potential dangers, but Bethany just doesn’t seem to care.

812 Chapter 18 Disaster Recovery Planning

This poses the question: How might you better inform, train, or advise Bethany so that Aaron does not have to relieve her of her position should her notebook be stolen? Bethany must come to understand and appreciate the importance of keeping sensitive information secure. It may be necessary to emphasize the potential loss and exposure that comes with losing such data to wrongdoers, competitors, or other unauthorized third parties. It may suffice to point out to Bethany that the employee handbook clearly states that employees whose behavior leads to the unauthorized disclosure or loss of information assets are subject to loss of pay or termination. If such behavior recurs after a warning, Bethany should be rebuked and reassigned to a position where she can’t expose sensitive or proprietary information—that is, if she’s not fired on the spot.
Keep the impact that theft may have on your operations in mind when 
planning your parts inventory. It’s a good idea to keep extra inventory of 
items with a high pilferage rate, such as random-access memory (RAM) 
chips and laptops. It’s also a good idea to keep such materials in secure 
storage and to require employees to sign such items out whenever they 
are used.
Understand System Resilience and Fault Tolerance
Technical controls that add to system resilience and fault tolerance directly affect availability, one of the core goals of the CIA security triad (confidentiality, integrity, and availability). A primary goal of system resilience and fault tolerance is to eliminate single points of failure. A single point of failure (SPOF) is any component that can cause an entire system to fail. If a computer has data on a single disk, failure of the disk can cause the computer to fail, so the disk is a single point of failure. If a database-dependent website includes multiple web servers all served by a single database server, the database server is a single point of failure.

Fault tolerance is the ability of a system to suffer a fault but continue to operate. Fault tolerance is achieved by adding redundant components such as additional disks within a redundant array of inexpensive disks (RAID) array, or additional servers within a failover clustered configuration.

System resilience refers to the ability of a system to maintain an acceptable level of service during an adverse event. This could be a hardware fault managed by fault-tolerant components, or it could be an attack managed by other controls such as effective intrusion detection and prevention systems. In some contexts, it refers to the ability of a system to return to a previous state after an adverse event. For example, if a primary server in a failover cluster fails, fault tolerance ensures that the system fails over to another server. System resilience implies that the cluster can fail back to the original server after the original server is repaired.
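The single-point-of-failure reasoning above (a computer on one disk, several web servers behind one database server) as an added example that is not from the book: a small Python model of a service dependency graph that reports which components take the service down on their own, then shows that a redundant disk (as in a RAID array) and a second database node (as in a failover cluster) remove those SPOFs. The topology and component names are constructed for illustration.

```python
from typing import Dict, Set

# Constructed topology (not from the book, built to mirror its two examples):
# roles map to the components that can fulfil them, and each component lists
# the roles it needs. Two web servers share one database server, which keeps
# its data on one disk.
Topology = Dict[str, Dict[str, Set[str]]]

BASE: Topology = {
    "roles": {"web": {"web1", "web2"}, "db": {"db1"}, "disk": {"disk1"}},
    "depends": {"web1": {"db"}, "web2": {"db"}, "db1": {"disk"}, "disk1": set()},
}


def component_up(topo, comp, failed):
    """A component is up if it has not failed and every role it needs is up."""
    if comp in failed:
        return False
    return all(role_up(topo, role, failed) for role in topo["depends"][comp])


def role_up(topo, role, failed):
    """A role is up if at least one component providing it is up (redundancy)."""
    return any(component_up(topo, c, failed) for c in topo["roles"][role])


def single_points_of_failure(topo, entry_role="web"):
    """Return every component whose failure, on its own, takes the entry role down."""
    return {c for c in topo["depends"] if not role_up(topo, entry_role, {c})}


def add_redundant(topo, role, comp, depends):
    """Copy the topology and add a redundant component to a role: an extra RAID
    disk, a second database node in a failover cluster, and so on."""
    roles = {r: set(cs) for r, cs in topo["roles"].items()}
    deps = {c: set(ds) for c, ds in topo["depends"].items()}
    roles.setdefault(role, set()).add(comp)
    deps[comp] = set(depends)
    return {"roles": roles, "depends": deps}


if __name__ == "__main__":
    print("SPOFs, base:", sorted(single_points_of_failure(BASE)))  # ['db1', 'disk1']
    raid = add_redundant(BASE, "disk", "disk2", set())
    print("SPOFs, with RAID:", sorted(single_points_of_failure(raid)))  # ['db1']
    cluster = add_redundant(raid, "db", "db2", {"disk"})
    print("SPOFs, with DB failover:", sorted(single_points_of_failure(cluster)))  # []
```

Each `add_redundant` call returns a new topology, so the same model can be used to compare candidate designs before committing to hardware.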

